Scanning 2D barcodes, finding free Wi-Fi access points, sending SMS messages, listening to music, and watching MP4 videos: these are very common activities that we do using our smartphones.
Can you imagine that simply doing these things can get your smarphones infected with "worms" that can not only steal personal information from your phone, but also infect your friends's phones.
Sound scary? It will not be long before worms like this spread among smartphones. What makes the attacks feasible is an emerging technology called HTML5-based app development, and it has been rapidly gaining popularity in the mobile industry.
When the adoption of this technology reaches certain threshold, attacks like this will become quite common, unless we do something to stop it. A recent Gartner report says that by 2016, fifty percent of the mobile apps will be using HTML5-based technologies.
All major mobile systems will be affected, including Android, iOS, Blackberry, Windows Phone, etc., because they all support HTML5-based mobile apps.
A notorious problem of the HTML5-based technology is that malicious code can be easily injected into the program and get executed. That is why the Cross-Site Scripting (XSS) attack is still one of the most common attacks in the Web.
XSS attacks can only target at web applications through a single channel (i.e. the Internet), but with the adoption of the same technology in mobile devices, we have found out that a similar type of attack can not only be launched against mobile apps, it can attack from many channels, including 2D barcode, Wi-Fi scanning, Bluetooth pairing, MP3 songs, MP4 videos, SMS messages, NFC tags, Contact list, etc. As long as an HTML5-based app displays information obtained from outside or from anohter app, it may be a potential victim.
Chris Hittinger | EurekAlert!
Superfast fluorescence sets new speed record
27.07.2015 | Duke University
Two crystals are better than one
22.07.2015 | The Agency for Science, Technology and Research (A*STAR)
Physicists from Regensburg and Marburg, Germany have succeeded in taking a slow-motion movie of speeding electrons in a solid driven by a strong light wave. In the process, they have unraveled a novel quantum phenomenon, which will be reported in the forthcoming edition of Nature.
The advent of ever faster electronics featuring clock rates up to the multiple-gigahertz range has revolutionized our day-to-day life. Researchers and...
Researchers have developed an ultrafast light-emitting device that can flip on and off 90 billion times a second and could form the basis of optical computing.
Joint BioEnergy Institute study identifies bacterial protein that is key to protecting rice against bacterial blight
A bacterial signal that when recognized by rice plants enables the plants to resist a devastating blight disease has been identified by a multi-national team...
Researchers in the Cockrell School of Engineering at The University of Texas at Austin are one step closer to delivering smart windows with a new level of energy efficiency, engineering materials that allow windows to reveal light without transferring heat and, conversely, to block light while allowing heat transmission, as described in two new research papers.
By allowing indoor occupants to more precisely control the energy and sunlight passing through a window, the new materials could significantly reduce costs for...
Argonne scientists used Mira to identify and improve a new mechanism for eliminating friction, which fed into the development of a hybrid material that exhibited superlubricity at the macroscale for the first time. Argonne Leadership Computing Facility (ALCF) researchers helped enable the groundbreaking simulations by overcoming a performance bottleneck that doubled the speed of the team's code.
While reviewing the simulation results of a promising new lubricant material, Argonne researcher Sanket Deshmukh stumbled upon a phenomenon that had never been...
23.07.2015 | Event News
10.07.2015 | Event News
25.06.2015 | Event News
30.07.2015 | Life Sciences
30.07.2015 | Health and Medicine
30.07.2015 | Life Sciences